skip to Main Content
This website use cookies which are necessary to its functioning and required to achieve the purposes illustrated in the privacy policy. To learn more or withdraw consent please click on Learn More. By continued use of this website you are consenting to our use of cookies.

BUGCROWD UNIVERSITY

Profiling the Attacker – Using Offender Profiling In SOC Environments

By : James Stevenson (@_JamesStevenson)

It’s been said ‘‘Intrusion analysis is as much about tcpdump as astronomy is about telescopes”. Understanding who is attacking your or a customer’s network and why is just as important as analyzing the packets on it. This slot will focus on a technical offender profiling framework that can be used to build a knowledge base on malicious actors. This talk will delve into the following areas: – Building an information classification for your assets – Attack significance plotting – Attack factor comparison analysis – Discerning motive – Attacker kill chain analysis – Malicious actor profile checklist – Naming conventions for malicious actors

manizzler

James Stevenson is a computer security graduate and software engineer for BT Security and has previously worked as a security analyst for the cloud security company Alert Logic. He is also a speaker at security conferences on topics from offender profiling to getting into the industry.

Back To Top